Test ID:	1.3.6.1.4.1.25623.1.0.52668
Category:	Ubuntu Local Security Checks
Title:	Ubuntu USN-113-1 (libnet-ssleay-perl)
Summary:	NOSUMMARY
Description:	Description: The remote host is missing an update to libnet-ssleay-perl announced via advisory USN-113-1. A security issue affects the following Ubuntu releases: Ubuntu 5.04 (Hoary Hedgehog) The following packages are affected: libnet-ssleay-perl Details follow: Javier Fernandez-Sanguino Pena discovered that this library used the file /tmp/entropy as a fallback entropy source if a proper source was not set in the environment variable EGD_PATH. This can potentially lead to weakened cryptographic operations if an attacker provides a /tmp/entropy file with known content. The updated package requires the specification of an entropy source with EGD_PATH and also requires that the source is a socket (as opposed to a normal file). Please note that this only affects systems which have egd installed from third party sources egd is not shipped with Ubuntu. Solution: The problem can be corrected by upgrading the affected package to version 1.25-1ubuntu0.2. In general, a standard system upgrade is sufficient to effect the necessary changes. http://www.securityspace.com/smysecure/catid.html?in=USN-113-1 Risk factor : Medium CVSS Score: 4.6
Cross-Ref:	BugTraq ID: 13471 Common Vulnerability Exposure (CVE) ID: CVE-2005-0106 http://www.securityfocus.com/bid/13471 http://www.mandriva.com/security/advisories?name=MDKSA-2006:023 http://secunia.com/advisories/18639 https://usn.ubuntu.com/113-1/
Copyright	Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.